New security features in Windows 10

Fresh Start

Protection Courtesy of Containers

The new Windows Server 2016 will allow companies to define specific applications for access to corporate data and also prevent the copying of corporate data to untrusted devices, depending on the security profile. Windows Server will enable this functionality through the use of containers. Microsoft uses Docker technology [6] to create a Windows Server Container. Although Docker technology alone does not yet allow containers to be insulated, because they share a common operating system, libraries, and binaries, Microsoft relies on containers in conjunction with Hyper-V virtualization to isolate the containers from each other.

Not a lot has changed with Windows Defender. The configuration will take place in the Windows 10 menu in the future and no longer in Defender.

The applications in the containers can be executed on an end device without a local installation. The data in containers is also encrypted automatically. With this unified access, Microsoft wants to prevent users from having to activate certain tools or applications first to access business data. Microsoft is so enthusiastic about Docker that it wants to integrate support in both Windows Server and Microsoft Azure, and as far as is currently known, Docker in Windows 10 Mobile, the former Windows Phone, is also possible.

In addition to Docker, Microsoft implements the Hyper-V container technology, which is used to isolate containers from each other using the Hyper-V hypervisor. The containers can then run on platforms such as Windows Server Core or the new Nano Server generation.

Windows Defender Against Viruses

Windows Defender is an integral part of Windows 8 and aims to protect computers from malware. The Windows 10 Windows Defender interface is similar to previous versions of Windows Defender. The Defender options are now configured in the Windows 10 configuration menus and no longer in the Windows Defender application itself. Windows Defender will be an integral part of the next version of Windows Server. You can also use System Center Endpoint Protection, which allows central management and distribution functions, instead of Windows Defender.

Meanwhile, malware authors are constantly developing new techniques for hiding their malicious code from anti-spyware software. The procedure called obfuscation encodes and nests commands to divert the scanner's attention from the real attack.

In Windows 10, Microsoft provides the new Antimalware Scan Interface (AMSI) for scripting environments. Using AMSI, app developers can install special access in their programs for antivirus software. The aim is for the script environment (instead of the virus scanners) to decrypt the possible malicious code first and only then pass on the code in plain text to the virus scanner.

Conclusions

Microsoft has increased security in Windows 10 and has thus attempted to make life as difficult as possible for attackers. Features such as Device Guard, Windows Defender, and AMSI help protect the system from attack. Microsoft has also beefed up its support for alternative authentication techniques and has included support for two-factor authentication with Windows 10.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus